Complete DHS Report for
May 27, 2015
Daily Report
Top Stories
· Local
utility services reported power outages across 169,800 homes and businesses due
to severe storms across Louisiana, Texas, Arkansas, Oklahoma, and Mississippi
May 25. – Reuters
1. May 26,
Reuters – (National) Storm leaves 170,000 without power in U.S.
Gulf Coast. Local utility services reported power outages across 169,800
homes and businesses due to severe storms across Louisiana, Texas, Arkansas,
Oklahoma, and Mississippi May 25. Power companies in Texas released that most
customers would have power restored May 26, but would not be able to resume
service in flooded areas until waters recede and damages can be assessed.
Source: http://www.reuters.com/article/2015/05/26/utilities-power-outages-idUSL1N0YH0Q120150526
· The No.
137 sweet crude unit and a related vacuum distillation unit at the Philadelphia
Energy Solutions Inc., refinery were both shut down May 22 following a fire
that was contained within an hour and resulted in no injuries. – Reuters
4. May 22,
Reuters – (Pennsylvania) Fire hits Philadelphia refinery,
shutting biggest crude unit. The No. 137 sweet crude unit and a related
vacuum distillation unit at the Philadelphia Energy Solutions Inc., refinery
were both shut down May 22 following a fire that was contained within an hour
and resulted in no injuries. Plant officials have not released details on the
damages or a timeline for when the crude and vacuum distillation unit will
return online. Source: http://www.reuters.com/article/2015/05/23/us-refinery-operations-philadelphiaenerg-idUSKBN0O800120150523
· The
Governor of Texas declared disasters in 37 counties after major flooding and
high waters followed severe storms in Southeast Texas May 25 – 26. – USA
Today
11. May
26, USA Today – (Texas; Oklahoma) At least 2 dead after flooding
leaves Houston under water. The Governor of Texas declared disasters in 37
counties after major flooding and high waters followed severe storms in
Southeast Texas May 25 to May 26, leaving most major highways impassible,
hundreds of homes destroyed, and 4 people in Texas and 2 others in Oklahoma
dead. Source: http://www.usatoday.com/story/weather/2015/05/26/extreme-weather-texas-oklahoma/27945961/
· Officials
reported May 25 that internet and telephone services were restored after a
water main break in Boston flooded critical equipment that caused an outage for
approximately 10,000 customers. – Springfield Republican See item 29 below in the Communications Sector
Financial Services Sector
10. May
26, U.S. Securities and Exchange Commission – (International) SEC
Charges Deutsche Bank with misstating financial reports during financial
crisis. The U.S. Securities and Exchange Commission (SEC) reported May 26
that Deustche Bank AG agreed to pay $55 million to settle charges that the bank
allegedly filed misstated financial reports during the financial crisis that
discounted material gap risks for potential losses estimated to be in the
billions of dollars. The SEC also ordered the bank to avoid committing similar
violations in the future. Source: http://www.sec.gov/news/pressrelease/2015-99.html
Information Technology Sector
24. May 26,
Softpedia – (International) Apache HBase fixes denial-of-service, info
disclosure flaw. Apache released a fix for a vulnerability in its HBase
software in which a remote attacker with network access could create a
denial-of-service (DoS) condition and read sensitive information by exploiting
insecure Access Control Lists (ACLs) on the ZooKeeper quorum. Source: http://news.softpedia.com/news/Apache-HBase-Fixes-Denial-of-Service-Info-Disclosure-Flaw-482304.shtml
25. May 26,
Securityweek – (International) Synology fixes XSS, command injection vulnerabilities
in NAS software. Taiwan-based Synology released software updates addressing
security vulnerabilities in DiskStation Manager (DSM) network attached storage
(NAS) software that runs on the company’s DiskStation and RackStation devices,
including a cross-site scripting (XSS) bug that could allow attackers to steal
victims session tokens and login credentials or perform arbitrary actions, and
a command injection flaw that exposes devices to cross-site request forgery
(CSRF) attacks. Source: http://www.securityweek.com/synology-fixes-xss-command-injection-vulnerabilities-nas-software
26. May 26,
Securityweek – (International) Massive campaign uses router exploit kit to
change routers’ DNS servers. A security researcher discovered an active
campaign in which attackers are targeting Google Chrome browser users with
cross-site request forgery (CSRF) code attacks via compromised Web sites with
the intent of compromising routers and changing their domain name system (DNS)
settings to point to a hacker-controlled server. Researchers believe that
millions of devices across 55 router models made by several manufacturers have
been affected in the campaign. Source: http://www.net-security.org/secworld.php?id=18424
27. May 25,
Securityweek – (International) New PoS malware hits victims via spam
campaign: FireEye. Security researchers at FireEye discovered a new type of
point-of-sale (PoS) malware dubbed NitlovePoS that can capture and exfiltrate
both track one and two data from payment cards by running process on
compromised machines, and is distributed via emails containing Word documents
with embedded malicious macros. Source: http://www.securityweek.com/new-pos-malware-hits-victims-spam-camapign-fireeye
28. May 22,
Securityweek – (International) Emerson patches SQL injection vulnerability
in ICS product. Emerson’s Process Management group released a software
addressing a structured query language (SQL) injection vulnerability in its AMS
Device Manager in which an attacker could escalate privileges and gain access
to administrative functions by supplying a malformed input to the software. The
AMS Device Manager is part of the AMS Suite and is used in many industrial
control systems (ICS) worldwide, especially in the oil, gas, and chemical
industries. Source: http://www.securityweek.com/emerson-patches-sql-injection-vulnerability-ics-product
Communications Sector
29. May 25, Springfield
Republican – (Massachusetts) Boston water main break disrupts
telecommunication services for thousands throughout Massachusetts. A
Windstream spokesperson reported May 25 that Internet and telephone services
were restored after a water main break in Boston flooded critical equipment
that caused an outage for approximately 10,000 customers and impacted telephone
service at Mount Holyoke College, Tufts Medical Center, and Beth Israel
Deaconess Medical Center. Police reported 911 services are still operational
for emergencies. Source: http://www.masslive.com/news/index.ssf/2015/05/boston_water_main_break_disrup.html
30. May 25, AccuWeather –
(Oklahoma; Arkansas) NOAA weather radio outages restored in Oklahoma; radar
data challenges persist. The National Oceanic and Atmospheric
Administration’s weather radios service was restored throughout Oklahoma May 25
after a cable line issue caused an outage May 24, but the National Weather
Service (NWS) in Norman reported that Level II radar data remains unavailable for
radar sites in Tulsa, Oklahoma, and Fort Smith, Arkansas. The NWS continue to
investigate the issue. Source: http://www.accuweather.com/en/weather-news/noaa-weather-radio-outages-rep/47644891
No comments:
Post a Comment